
John Emil Youhana
Group Senior SOC Analyst - Tier 2 Incident Responder at EFG Holding
Rod Alfarag, Cairo, Egypt

Work Experience

Group Senior SOC Analyst - Tier 2 Incident Responder (Full Time)
EFG Holding
Sep 2023 - Present (1 yr, 9 months)
Cairo, Egypt
Job Details:
- Mentor level 1 analysts and act as an escalation point to improve detection capability within the SOC.
- Conduct digital forensics investigations for multiple incident types such as fraud, ransomware, cyber attacks and incidents.
- Use a range of security tools and technologies to identify and respond to security threats.
- Provide regular updates on incident response activities.
- Provide deep investigation of escalated security incidents and DFIR analysis.
- Develop and maintain incident response playbooks and procedures.
- Create and tune the SIEM rules to improve detection capability.
- Perform threat hunting based on TTPs of specific threat actors and data sources for proactive detection.
- Perform POCs on various security solutions to assess their capabilities and ascertain their suitability for our environment.
- Collaborate with other teams to ensure security incidents are resolved in a timely and effective manner.
- Investigate and analyze malicious phishing emails, domains and IPs and take proper action based on IOCs extracted from analysis.
SOC Analyst - Tier 1 (Full Time)
Commercial International Bank
Mar 2022 - Aug 2023 (1 yr, 5 months)
Cairo, Egypt
Job Details:
- Detect, classify, and report incidents to either escalate to the triage team or close the event, ensuring the root cause of the incident is identified.
- Perform analysis of log files to investigate the events and identify the root cause of the incident.
- Recommend tuning SIEM filters and correlation rules to continuously improve monitoring and detection.
- Develop scripts to automate repetitive tasks and reports.
- Identify security risks and communicate escalations throughout the incidents per the SOC processes.
- Monitor all log sources' heartbeat and report/investigate issues to maintain healthy logs and avoid any failure of data collection that would impact the core SOC monitoring function.
- Perform vulnerability scanning and patch management to ensure all organization assets are patched properly.
- Investigate and analyze malicious phishing emails, domains and IPs and recommend proper action based on IOCs extracted from analysis.
- Monitor security intelligence feeds to track various APTs, malware families and campaigns to keep up with their TTPs.
- Evaluate and recommend security solution tuning to ensure better prevention.
Incident Management Specialist (Full Time)
Job Details:
- Provide the technical point of contact for customers' incidents.
- Own the resolution responsibility for reported customer incidents, either solely or with the help/intervention of other teams.
- Diagnose fault-related incidents by effectively utilising software diagnostics and other network/product utility programs.
- Document all troubleshooting and incident management actions via the electronic incident management system in a timely manner.
- Perform technical escalations to different Problem Management teams in line with company procedure and case/incident excellence.
- Perform and own technical management escalations in line with company procedure and the case excellence policy.
- Obtain and document data integrity issues, ensure a valid Reason for Outage (RFO) is obtained when applicable and noted in detail, and gain agreement to incident closure from the customer or Service Desk representative.
Systems Engineer (Full Time)
Job Details:
- Design, implement, install, configure and troubleshoot Microsoft Windows Server 2008/2012 and Linux servers.
- Design, implement, maintain, administer and troubleshoot vSphere and VMware infrastructure.
- Troubleshoot and maintain Active Directory, DNS, IIS, DHCP, WINS and RAS.
- Manage domains and trusts with Active Directory, DNS and DHCP.
- Implement security controls with Group Policies.
- Design, implement, maintain, administer and troubleshoot SharePoint 2010.
- Secure and configure mail with Exchange Server 2010 and troubleshoot it.
- Implement, manage and monitor network devices.
- Perform data backup and restore activities, and test backups.
- Administer the backup application (Veeam).
- SQL Server 2008 and SQL Server 2012 development and administration.
- Work with SQL databases and ODBC connections with Microsoft Access.
- Manage RAID configuration on HP ProLiant servers G5, G6 and G7.
Education
Bachelor's Degree in Computer Science
Ain Shams University (ASU), Jan 2016 - Jan 2020 (4 yr)
High School - Thanaweya Amma
Ahd Gedid Language School, Jan 2016
Activities
Problem Solver at ACM
Student Activity
Oct 2016 - Jan 2017 (3 months)
Skills
- Software Testing
- Cyber Security
- C#
- CCNA
- Information Technology (IT)
- Cybersecurity
- .Net
- Information Security
- C
- Python
Languages
- Arabic: Fluent
- English: Fluent
- French: Intermediate
Training & Certifications
eLearnSecurity Certified Malware Analysis Professional (eCMAP)
eLearnSecurity, 2023